Published by Jayson Johnson. Modified over 9 years ago.
1
Design, Process, and Review for LANDesk 8.8 Alerting and Monitoring
2
Overview
  Core Side Setup and Configuration
  Alert.exe Overview
  System and Server Manager
  Specific Core Side Alerts
  Specific Client Side Alerts
  General Issues
3
Core Side Setup and Configuration
Differences
›In 8.7
  System Manager was a separate component
  System Manager had its own Web Console that was used to configure alerts
  The Core Server had a separate 32-bit interface to configure alerts for the core only.
  Several actions were available: Log, Email, Fax, Page, etc. But most of these options were largely never used.
›In 8.8
  System Manager and the Core interface were combined on the core and a new interface was born: Flash Console
  All alerting rulesets are now edited through the Flash Console
  Actions have changed: Intel vPro, Log, Email, Run an application on the core, Send an SNMP Trap
  More options for ruleset deployment are available: Add, Remove All, or Replace.
4
Core Side Setup and Configuration (Cont.)
Similarities
›The same 3 alert requirements are in place.
  Alert: What is it you want to alert on?
  Action: What action(s) do you want to take when the alert happens?
  Time: When do you want to monitor and alert on the event?
›A System or Server Manager License is still required for most alerts on the client.
›Core side alerts and abilities are basically the same.
›Health can be changed for certain alerts
  Example: If a device can no longer be detected with a PING then its icon in inventory can be changed to “critical” and will have a red bang icon next to it. Once the device comes back online the health status returns to normal.
5
Core Side Setup and Configuration (Cont.)
8
Alerting Configuration Process
›Configure the alert
›Save the alert ruleset
›Publish the alert ruleset
›Distribute the alert ruleset to clients
9
Core Side Setup and Configuration (Cont.)
Distributing Alerts:
›Alerting rulesets need to be saved and published before distribution can take place.
›Alertsync.exe is called and a pull takes place
10
Core Side Setup and Configuration (Cont.)
11
Email
›Common mistakes and problems
  Multiple % symbols are used. %D=%D whereas %D = Description
  Incorrect spaces: % space D
  Variables are used somewhere besides Subject and Body
›Log files
  Alertservice.log
  ›C:\Program Files\LANDesk\ManagementSuite
  ›This log will display the exact command sent to the email server. This can help with formatting.
  Sendemail.log
  ›C:\Program Files\LANDesk\ManagementSuite
  ›This log will report errors when communicating with the email server
12
Alert.exe Overview
Alert.exe is like a subsystem. Various applications call alert.exe with command line parameters about what alert they want logged.
›Alert.exe references the ruleset XML files for details about the alert.
›Alert.exe attempts to transmit the alert to the core or in the case of a core side alert it’s logged in the database.
›If the core server or the inventory server is busy then the alert is saved as an XML file in a queue folder.
  Alert Queue folders reside on the client and core.
  After a short period of time alert.exe or alertservice.exe (core server) will check the queue and process the alert.
13
Alert.exe Overview (Continued)
What calls alert.exe?
›Services
  LDINV32 (Core Inventory Server), Vulscan, etc.
›Providers
  LDmemory.exe
  LDdrives.exe
  LDapplication.exe
  Etc.
14
Alert.exe Overview (Continued)
15
http://clientnameORIP:9595/ldclient/ldprov.cgi/index
16
Alert.exe Overview (Continued) LDMemory (addremovememorymonitor)
17
Core Side Alerts
What alerts are available on the core?
›A detailed list is contained in the core alert ruleset
›Device Monitoring
  Sends a ping to a device and will alert when a device is not responsive.
  Configured in two pieces
  ›What devices to monitor?
  ›Configuration of the actual alert.
  Note: This alert is enabled by default in 8.8 SP2 with a log action
  This ability should be limited to important servers as it uses the same system as Agent Discovery and can interfere if too many pings are going out too rapidly.
  Many devices can be monitored but the entire inventory shouldn’t be monitored.
  Monitoring of this alert relies on PING and therefore DNS etc.
18
Core Side Alerts (Continued)
Device Monitoring
›Configure – Services Menu on the core
19
Core Side Alerts (Continued)
Inventory Changed Alert
›Alerts when a pre-selected inventory item has changed since the last inventory scan.
›Configured in two spots
  Inventory History (to select what inventory items to monitor)
  Inventory Changed Alert itself
20
Core Side Alerts (Continued)
Inventory Changed Alert
›Configure – Inventory History on the core
›Inventory = Logs changes in the device's Inventory History Dialog
›NT Log = Logs changes in the NT Event Log
›Alert = Send an alert
21
Core Side Alerts (Continued)
22
Client Side Alerts
What alerts are available for the client?
›All alerts are listed in the LDMS Default Ruleset
›Some alerts are configured in other locations
  Example: Security and Patch has an “alert” group. If a definition is discovered on a particular device then an alert can be fired to show that device as needing the patch in the alert group
Logs
›Most client logs are reported in C:\Program Files\LANDesk\Shared Files\
23
Client Side Alerts (Continued)
Example client alert: Service Monitoring
›This alert is part of the Server Manager add-on.
›The alert fires when a previously specified service is started or stopped.
›Process Walkthrough…
24
System and Server Manager
System Manager
›Designed for desktop systems and interacting with general hardware
  Can alert on memory, hard drive space, CPU usage, etc.
Server Manager
›Designed for server class systems with added hardware chipsets and sensors.
  IPMI alerting capabilities for temperature, fan speeds, etc.
  Enhanced alerting (which includes all System Manager Alerts)
  ›Example: The ability to alert when a service has started or stopped.
25
General Issues
Log’s Tab fails to display any results or an Application Error occurs while loading the Tab.
›Cause: Too many alerts logged in the Alert Log table
›Resolution: http://community.landesk.com/support/docs/DOC-5036
  Resolution involves removing records from the Alertlog Table in the database and then configuring clients so that the “Agent Started” alert is not triggered.
“Management Agent Started” Alert
›Designed for System Manager to update the health status.
26
General Issues
An Email Action is configured and the alert is logged at the core but an email is not received.
›Cause: Email authentication was changed in 8.8 and by default doesn’t allow Plain Authentication.
›Resolution: Enable Plain Authentication by changing the “NonExtended” database entry in the AlertEmail Table from “0” to “1” for each configured Email Alert Action.
  http://community.landesk.com/support/docs/DOC-2849
27
General Issues
Troubleshooting email configuration
›Email Servers can vary
  Sendemail.exe performs a “fire and forget” action
›Using “helo” and “ehlo”
  Some type of authentication is needed on the email server.
  http://community.landesk.com/support/docs/DOC-2687
SMTP mail uses a reserved port number (25) to handle the protocol. SMTP servers can accept un-authenticated mail or they may impose a variety of user/password schemes. In order to invoke authentication, the SMTP server must accept extended commands. So instead of using the HELO command to start an SMTP session, the EHLO (Extended HELO) command is used. Authentication is only available in the Extended SMTP case. Here is an example of both the HELO and EHLO commands submitted to an SMTP server:
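An added illustration of the HELO/EHLO difference described above (not from the original presentation; the host names and server replies are constructed, and the function names are hypothetical). It parses both replies to show that only the EHLO reply can advertise AUTH, and builds the AUTH PLAIN payload to show that it is base64-encoded rather than encrypted:

```python
import base64

# Constructed server replies (not captured from a real LANDesk core or mail server).
HELO_REPLY = ["250 mail.example.test Hello core.example.test"]
EHLO_REPLY = [
    "250-mail.example.test Hello core.example.test",
    "250-SIZE 35882577",
    "250-STARTTLS",
    "250-AUTH LOGIN PLAIN",
    "250 8BITMIME",
]


def parse_greeting_reply(lines):
    """Return {KEYWORD: [params]} for the extensions in a 250 reply.

    The first line only carries the server greeting; a HELO reply has
    nothing after it, so it yields no extensions and therefore no AUTH.
    """
    extensions = {}
    for line in lines[1:]:
        code, sep, rest = line[:3], line[3:4], line[4:].strip()
        if code != "250" or sep not in ("-", " ") or not rest:
            raise ValueError(f"unexpected reply line: {line!r}")
        keyword, *params = rest.split()
        extensions[keyword.upper()] = [p.upper() for p in params]
    return extensions


def auth_assessment(lines):
    """Summarise what the session allows: AUTH mechanisms and STARTTLS."""
    ext = parse_greeting_reply(lines)
    mechanisms = ext.get("AUTH", [])
    return {
        "auth_possible": bool(mechanisms),
        "plain_offered": "PLAIN" in mechanisms,
        "starttls_offered": "STARTTLS" in ext,
        "mechanisms": mechanisms,
    }


def plain_initial_response(user, password):
    """AUTH PLAIN payload: base64 of NUL user NUL password (encoding, not encryption)."""
    return base64.b64encode(f"\0{user}\0{password}".encode()).decode()
```

Because the PLAIN payload decodes trivially, anyone who can capture a session on port 25 that is not protected by TLS can read the credentials.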
28
General Issues
When selecting Alerting in the 32-bit console some of the rulesets are missing
›Cause: Server or System Manager wasn’t installed on the core when the core was initially configured. Some alerts are designed for the enhanced capability of Server or System Manager. If these components are not installed then some rulesets will be missing
›Resolution: None, unless Server or System Manager is desired. These rulesets can be added later with the help of the following document: http://community.landesk.com/support/docs/DOC-2775
29
General Issues
Sometimes when using the “Inventory Change Alert” to alert when a specific inventory item has changed the Node/Name appears blank
›Cause: The inventory server processes the alert and calls alert.exe with all of the alert information added as part of the command line. This is accomplished while the scan is being processed and before it’s recorded in the database. During this process the node is checked in the database which appears blank when the scan is received from a new device.
›Resolution: An escalation is filed to change this behavior in the future. For now any alerts received in this state simply indicate that the scan came from a new device.
30
Further Questions/Contact Information
Name: John Trafelet, PSE Console
Email: john.trafelet@landesk.com